Skip to content

Fixed isAuthorized() wrt to new Roles Table

Vedant Wakalkar requested to merge phoenix/feature/authorization into phoenix/develop

Fixes

Fixes for #84 no by @Karna98 (Partially)

Description

Updated codebase according to the new role table structure.

Type of PR

This PR is an improvement.

Technicalities

  • Each User is initialized with role_id: 10 (normal user role) on registration.
  • If the user has admin access, then he will be able to access admin functionality. (role_id: 1)

Tests

  • New Registration is assigned role_id : 10.
    (Verify in roles_users table)
  • On log in, no new row should be added in roles_users table.
  • If the user has no roles associated in roles_users table, then he is not allowed to log in.
    (Trick: delete the row related to that user in roles_users table)
  • When a user does not have 2FA, on login, he is prompted to set up 2FA. After setting 2FA, he will be logged in. In this scenario, no new row should be added for this operation.
    (Trick: Set 2FA status = 0 in Users table)
  • Updated Links for Browse on the Home page and Dashboard (Admin Login) on Home Page. (Click and see if that works)
  • Admin can now change user's role. Dashboard -> Users -> Select User -> Edit. (change roles and see if it is reflected in DB and log in as the user to see if updated roles are reflected)
  • Active status is checked before login. (Make user's status active = 0 and try to log in that user account)
  • Check all the pages are shown and restricted according to their access. (Try accessing admin pages)

Note: Updated Users, Roles, Roles_Users table shared in #database schema

Checklist:

  • My pull request has a descriptive title (not a vague title like "Update index.md").
  • My pull request targets the phoenix/develop branch of the repository.
  • My commit messages follow best practices.
  • My code follows the established code style of the repository.
  • I added tests for the changes I made (if applicable).
  • I added or updated documentation (if applicable).
  • I tried running the project locally and verified that there are no visible errors.
Edited by Vedant Wakalkar

Merge request reports